FinaMetrica, a PlanPlus Global company, is committed to compliance with the General Data Protection Regulation (GDPR), which came into effect on the 25th May 2018.
Information security, data protection and privacy are fundamental to the successful operations of FinaMetrica and all PlanPlus Global companies. We are committed to creating and maintaining practical information security, data protection and privacy policies and procedures that demonstrate and ensure the integrity of our operations. In addition, these policies and safeguards secure the interests of our customers and partners.
Over the last few years, FinaMetrica have been working to develop and implement a number of appropriate controls, aligned with the International Standard ISO27001/2 to improve the overall security posture of the organisation. These controls contain appropriate technical and organisational measures, providing confidence to our customers and partners that reasonable and appropriate steps are been undertaken by FinaMetrica to ensure ongoing information security, data protection and privacy compliance.
We have been reviewing, updating and making changes to our processes, procedures, and policies to be in line with GDPR.
GDPR is aimed at enhancing the personal data protection of EU data subjects, fostering transparency and accountability around personal data collection, storage, access, use, transfer and processing. GDPR applies to organisations that hold, record, control or processes data of EU residents and is one of the most significant data privacy reforms in years, harmonising for the first time data protection laws across the EU.
We’ve created this page to update you on our GDPR activities. If you have further questions, please feel free to contact Larry Bowen, Data Protection Officer (DPO), at email@example.com.
Last updated: 01-Aug-2018.
What FinaMetrica is doing to ensure GDPR compliance:
Review of our data inventory, personal data processing and our data operations to ensure our software development, data handling and management practices meet the requirements of GDPR.
Perform risk assessments of our business processes and processing activities and where necessary update and implement appropriate physical, technical and organisational measures to meet the requirements of GDPR.
Verifying and updating our arrangements and agreements with third party suppliers (for example: web hosts, developers, CRM platform and regional partners) to ensure that they are GDPR compliant.
Data Processing Agreement (DPA)
Implement required changes to our policies and procedures, to meet the requirements of GDPR, including our consent opt-in process and notification to data subjects of their GDPR rights. You’ll soon be receiving a notice from us in relation to the above.
Verifying and communicating our GDPR compliance to you.